SYMBOLCOMMON_NAMEaka. SYNONYMS

DriftingCloud  (Back to overview)


DriftingCloud is a persistent threat actor known for targeting various industries and locations. They are skilled at developing or acquiring zero-day exploits to gain unauthorized access to target networks. Compromising gateway devices is a common tactic used by DriftingCloud, making network monitoring solutions crucial for detecting their attacks.


Associated Families

There are currently no families associated with this actor.


References
2023-07-14Trend MicroDaniel Lunghi
Possible Supply-Chain Attack Targeting Pakistani Government Delivers Shadowpad
ShadowPad DriftingCloud Tonto Team
2022-06-15VolexitySteven Adair, Thomas Lancaster, Volexity Threat Research
DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach
pupy Sliver DriftingCloud

Credits: MISP Project